|
| Popular Security News |
E-Learning Platform OneClass Exposed Data On Students, LecturersAn Elasticsearch database pertaining to e-learning platform OneClass was found to expose data on over one million students and lecturers, vpnMentor reveals.
read more |
Colorado Officers Placed On Leave After Photos Near Site Of Elijah McClains DeathA statement from the interim police chief of Aurora, Colorado, does not detail the substance of the photos. |
FCC Officially Designates Huawei, ZTE As National Security ThreatsMoney from the FCCs Universal Service Fund can no longer be used on equipment or services from the Chinese firms. |
AGL Loses Its IT Security ChiefCISO departs after more than two years. |
Hacker Ransoms 23k MongoDB Databases And Threatens To Contact GDPR AuthoritiesThe hacker has attempted to ransom nearly 47% of all MongoDB databases left exposed online. |
One Out Of Every 142 Passwords Is 123456The 123456 password was spotted 7 million times across a data trove of one billion leaked credentials, on one of the biggest password re-use studies of its kind. |
Officials: Russian Bounty Reports Follow Years Of Kremlin Support To TalibanAs early as 2016, U.S. intelligence officials were receiving credible reports that the Russian government was funding the Taliban. Now those reports have taken on new relevance. |
Attack Surface Growing For Healthcare IndustryAttack Surface for Healthcare Firms is Pivoting and Scaling to Considerable Proportions, Report Finds
read more |
|
| See More |
|
| Latest Security News |
European Police Shut Criminal Phone Network Used To Plan MurdersPolice said Thursday they had shut down an encrypted phone network used as a key tool by organised crime groups across Europe to plot assassination attempts and major drug deals.
read more |
Inside A Ransomware Attack: From The First Breach To Encrypting A Network In Just Two WeeksSecurity researchers map out how a ransomware attack plays out. |
Microsoft Word Reads To You: How To Use The Speak And Read Aloud CommandsCan Microsoft Word read to me? Yes, it can. The Speak feature was incorporated into Microsoft Office (Word, Outlook, PowerPoint, etc.) back in version 2003. It was called Text to Speech (TTS) then, and it functioned much the same as it... |
133m Records For Sale As Fruits Of Data Breach Spree Keep Raining DownDatabases can be had for as little as $100, on up to $1,100. Most, if not all, are being sold by the hacking group Shiny Hunters. |
House Of Lords Calls For Gamer Loot Boxes To Be Regulated Under Gambling LawsLoot boxes, skins, and other in-game purchases could come under new scrutiny in the UK. |
|
| See More |
|
| Latest News from Research Labs |
Microsoft Releases Emergency Update To Fix Two Serious Windows FlawsThe out-of-band update plugs two remote code execution bugs in the Windows Codecs library, including one rated as critical
The post Microsoft releases emergency update to fix two serious Windows flaws appeared first on WeLiveSecurity |
Ransomware Gangs Don’t Need PR HelpWeve seen an ugly trend recently of tech news stories and cybersecurity firms trumpeting claims of ransomware attacks on companies large and small, apparently based on little more than the say-so of the ransomware gangs themselves. Such... |
COVID‑19 Contact Tracing – Technology Panacea Or Privacy Nightmare?Can a technological intervention stem the pandemic while avoiding the privacy pitfalls of location tracking?
The post COVID‑19 contact tracing – technology panacea or privacy nightmare? appeared first on WeLiveSecurity |
COVID-19 ‘Breach Bubble’ Waiting To Pop?The COVID-19 pandemic has made it harder for banks to trace the source of payment card data stolen from smaller, hacked online merchants. On the plus side, months of quarantine have massively decreased demand for account information that... |
Remote Access At Risk: Pandemic Pulls More Cyber‑crooks Into The Brute‑forcing GamePoorly secured remote access attracts mostly ransomware gangs, but can provide access to coin miners and backdoors too
The post Remote access at risk: Pandemic pulls more cyber‑crooks into the brute‑forcing game appeared first... |
|
| See More |
|
| Latest Security Videos & Podcasts |
What’s Wrong With WebSocket APIs - Unveiling Vulnerabilities In WebSocket APIs - Mikhail EgorovWebSocket protocol is many times more efficient than HTTP. In recent years we can observe that developers tend to implement functionality in the form of WebSocket APIs instead of traditional REST APIs, that use HTTP. Modern technologies... |
What Has Data Science Got To Do With It - Thordis ThorsteinsIn this talk I want to shed some light on data science’s place within security. You can expect to learn how to see through common data science jargon that’s used in the industry, as well as to get a high level understanding of what’s... |
Well, That Escalated Quickly - A Penetration Testers Approach To Windows Privilege Escalation - Khalil BijjouCompanies engage security experts to penetrate their infrastructures and systems in order to find vulnerabilities before malicious persons do. During these penetration tests, security experts often encounter Windows endpoints or servers... |
The Turtle Gone Ninja - Investigation Of An Unusual Crypto-Mining Campaign - Ophir Harpaz And Daniel GoldbergAt first sight, Nansh0u is yet another attack campaign aiming to mine a marginal crypto-currency named TurtleCoin. However, things get much more interesting once you gain full access to the attacker’s infrastructure. Our investigation... |
The Future Is Here - Modern Attack Surface On Automotive - Lior YaariWorking as a security researcher for the automotive industry, I received futuristic equipment to test. Test? Hack! In two or three years from now, our vehicles will be full of communication interfaces to the outside world. V2X technologies,... |
|
| See More |
|
| Latest Security Papers & Presentations |
All My Stripes: The New Business Imperative Of LGBTQ+ Inclusion“Don’t talk, just act. Don’t say, just show. Don’t promise, just prove.” -Hiroko Tsuchimoto As another LGBTQ+ Pride month comes to a close and I look back at the rainbow striped logos companies used...Go on to the site to read... |
Vishing Spikes As Workforces Go Remote: 6 Vishing Prevention Tips Anyone Can FollowIntroduction With thousands of teams worldwide being asked to work remotely to help contain the spread of COVID-19, scammers have a fertile ground to prey upon telecommuters. One scam that workers...Go on to the site to read the full... |
How To Get Promoted In A Cybersecurity CareerIntroduction: What the cybersecurity talent market looks like at the moment Are you considering a career in cybersecurity? If so, this is actually a great time to be in the field, especially with an...Go on to the site to read the full... |
Preventing Cybersecurity Employee Burnout And Churn: 6 Tips For ManagersIntroduction “Burnout” and “churn” are two words that probably send shivers down the spines of most cybersecurity managers. After all, employees who are “feeling the burn,” so to speak, abandon their...Go on to the site to read... |
Can 2FA Prevent Breaches? Lessons Learned From The SFO Airport Watering Hole AttackIntroduction In March 2020, two websites serving customers of San Francisco International Airport were hacked. The websites used first-factor authentication only and the cybercriminals had inserted...Go on to the site to read the full... |
|
| See More |
|
|
